Privacy Policy

1. Information We Collect

We collect the following categories of information when you use Rae:

1.1 Account & Profile Information

When you sign up for Rae, we collect:

• Email address
• First name (or chosen name)
• Age
• Country

During onboarding, we also ask why you are signing up to better tailor Rae's support. Because this information can be sensitive, it is stored securely and encrypted.

1.2 Conversation Data

When you interact with Rae, we collect:

• The content of your messages and Rae's responses
• Conversation titles/names
• "Memories" or insights created by Rae based on your conversations

This information may include highly sensitive personal information, such as mental health–related details, emotions, or personal experiences that you choose to share. Conversation data is stored in our database in encrypted form.

We do not use your conversation content to train or improve external/internal AI models.

1.3 Usage & Interaction Data

We automatically collect standard usage and interaction information, such as:

• Login dates and times
• Session information (for example, number of sessions, whether a session was completed)
• Interaction frequency and duration of conversations
• Number of messages exchanged per session
• In-app actions (for example, completing exercises or viewing insights)

This data helps us understand how Rae is used so we can improve the product and keep it running reliably.

1.4 Device, Technical & Log Data

When you use Rae, we may collect:

• IP address
• Device type, operating system, and browser type
• Unique identifiers (such as cookies or app identifiers)
• Approximate location derived from your IP address
• Error, performance, and diagnostic data

This technical data is used for security, fraud prevention, debugging, and analytics.

1.5 Payment & Billing Information

If you purchase a paid plan, payments are processed by Stripe. We may receive and store limited billing-related information from Stripe such as:

• Payment status (e.g., succeeded, failed, refunded)
• Subscription details (plan type, start/end date)
• Limited card information (for example, last four digits, card brand)
• Billing name and country (if provided)

We do not store full credit card numbers or CVV codes; those are handled directly by Stripe.

1.6 Cookies and Similar Technologies

We use cookies and similar technologies in our web app and website for:

• Essential functions – logging in, maintaining sessions, keeping the app secure.
• Analytics – understanding how users navigate and use Rae.
• Marketing – measuring the effectiveness of campaigns and communications.

You can control cookies through your browser settings and, where supported, through in-product preferences. Disabling certain cookies may affect the functionality of the Service.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide the Service

• Deliver AI-powered conversations and features.
• Store your conversation history, memories, and insights so you can revisit them.
• Manage your account and authentication.

To personalize your experience

• Tailor content and suggested exercises to your goals and usage.
• Provide personalized insights and reflections over time.

To operate, maintain, and improve Rae

• Analyze usage trends to refine features and user experience.
• Debug technical issues, monitor performance, and ensure reliability.
• Develop new features based on aggregate and de-identified data.

To provide customer support

• Investigate and resolve user-reported issues.
• Help you with account-related questions or technical problems.

For security and fraud prevention

• Detect and prevent abuse, suspicious activity, or violations of our terms.
• Protect the security and integrity of the Service.

For communications and marketing

• Send you product updates, reminders, and announcements.
• Send marketing communications about Rae that we think may be relevant to you. You can opt out of marketing emails at any time via the unsubscribe link in each message.

3. Use of AI & Third‑Party AI Providers

Rae uses third‑party AI model providers to generate responses and deliver the core experience. To do this:

• We send conversation text and user prompts to our AI providers (such as Anthropic) through their APIs.
• We configure these providers so that, under their current terms and our usage settings, they do not use your data to train their general models.

If our AI providers' terms or capabilities change in a way that affects how your data is used, we will review those changes and update this Privacy Policy and our practices before using your data in any new way.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following ways:

4.1 Service Providers

We use trusted third‑party service providers that process data on our behalf to run and improve Rae. These include:

• Supabase – for database, authentication, and secure storage of user data (including encrypted conversations and account information).
• Vercel – for hosting our app and backend infrastructure.
• Anthropic – for AI model inference (processing your prompts and conversation context to generate responses).
• Stripe – for payment processing and subscription management.
• PostHog – for product analytics and user behavior analysis.
• Klaviyo – for email communications, lifecycle messaging, and campaign analytics.
• Sentry – for error tracking, performance monitoring, and debugging.
• Langfuse – for LLM observability, monitoring AI model performance, and improving response quality.

These providers may receive certain information necessary to perform their functions (for example, Supabase holds account data, PostHog receives app usage data, Anthropic receives your prompts, Langfuse receives conversation data for observability). They are generally contractually obligated to process your data only as instructed by us and not for their own unrelated purposes.

4.2 Analytics & Identifiers

For analytics and debugging (for example, via PostHog, Sentry, and Klaviyo), we may associate usage data with:

• Your email address, and/or
• A pseudonymous internal user ID from our systems.

This linkage helps us:

• Investigate and resolve specific user issues.
• Understand how different features are used.
• Provide effective customer support.

4.3 Aggregated and De-Identified Data

We may use and share aggregated or de-identified data (data that does not identify you personally) for:

• Internal research and analytics
• Improving our product and services
• Presentations, reports, or published insights about general usage patterns

Any such sharing will not identify you as an individual or reveal your specific conversation content in a way that can reasonably be linked back to you.

4.4 Legal, Safety, and Business Transfers

We may disclose your information:

• To comply with laws or respond to valid legal requests (such as a subpoena, court order, or government demand), where we are legally required to do so.
• To protect rights and safety, including our own rights, property, security, and those of our users or the public, consistent with applicable law.
• In a business transaction, such as a merger, acquisition, or sale of assets, where your data may be transferred as part of that transaction. In such cases, we will take steps to ensure your information remains protected and notify you of any material changes.

5. Data Retention & Deletion

5.1 How Long We Keep Your Data

By default, we retain your data to:

• Provide continuity of your experience (e.g., access to conversation history, insights, and memories).
• Maintain an accurate record of your account and subscription.
• Analyze long‑term usage trends to improve Rae.

We may store:

• Account data and conversation data for as long as your account is active.
• Analytics and technical logs for as long as needed for security, debugging, and product improvement, subject to our and our providers' retention policies.

5.2 Deleting Your Account and Data

You can delete your account within the app. When you do:

• We delete the data we directly store that is associated with your account, including conversation content, memories, insights, and account profile information, from our active systems.
• Certain data may persist in system backups or logs for a limited period, after which it is deleted according to our standard backup retention schedule.
• Third‑party providers (such as analytics and email tools) may retain limited information (for example, logs or historical campaign data) in line with their own retention policies. Where feasible, we will work with these providers to honor deletion requests.

If you have additional requests to delete or export your historical data, you can email us at help@rae.chat.

6. Your Choices & Controls

You have several choices regarding your information:

• Account deletion: You can delete your account (and associated data that we directly store) from within the app.
• Email communications: You can opt out of marketing emails at any time by clicking the unsubscribe link in those emails. You will still receive essential service emails (for example, password resets or critical account notices).
• Data access and export: You may request a copy of your data by emailing help@rae.chat.
• Data deletion or correction: You may request deletion or correction of specific data by contacting us at help@rae.chat.

Please note that some requests may affect our ability to provide you with the Service (for example, deleting essential account information).

7. Age Restrictions

Rae is not intended for children under 13. We do not knowingly allow individuals under the age of 13 to create accounts or use the Service.

If we become aware that a child under 13 has provided us with personal information, we will take steps to delete that information and close the account.

8. Security

We take the security and confidentiality of your information very seriously, especially given the sensitive nature of what you may share with Rae.

• Sensitive data such as your conversation content, reasons for signing up, conversation names, memories, and insights is stored securely and encrypted.
• Data is transmitted over secure connections (HTTPS) where supported.
• Access to production systems and sensitive data is restricted to authorized personnel and controlled through technical and organizational safeguards.

No system can be guaranteed 100% secure, but we work to protect your information and regularly review our security practices.

9. Medical & Crisis Disclaimers

Rae is designed as an AI-powered mental wellness companion, not a medical or clinical service.

• Rae does not provide medical diagnoses or treatment.
• Rae is not a substitute for professional mental health care, therapy, or medical advice.
• Using Rae does not create a therapist–patient or doctor–patient relationship.

Crisis and Emergencies:

Rae is not monitored by humans in real-time and does not contact emergency services or other third parties on your behalf in crisis situations. If you are in crisis, considering self-harm, or in danger, you should immediately contact local emergency services or a qualified professional resource in your area.

10. International Users & Data Transfers

Rae Collective LLC is based in the United States, and your information is stored and processed in the United States and potentially other countries where our service providers operate.

If you access Rae from outside the United States, you understand that:

• Your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.
• By using the Service, you consent to this transfer and processing of your information.

We are aware that some users may reside in jurisdictions with specific privacy laws (such as the EU/UK). While we have not formally described a full framework for those laws in this document, we still aim to handle your data responsibly and transparently. If you are in such a jurisdiction and have questions about your rights, you can contact us at help@rae.chat.

11. Communications

We may send:

• Service-related emails: such as account confirmations, security alerts, and important product or legal updates. These are necessary to operate the Service and are not subject to marketing opt-out.
• Marketing and engagement emails: such as product updates, tips, and reminders (for example, reminders about incomplete sessions). You can unsubscribe from these at any time via the link in each email.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time as our practices or legal requirements change.

• We will update the "Last Updated" date at the top of this page.
• For significant changes, we will provide a more prominent notice, such as an in-app notification or email.
• Your continued use of Rae after any changes become effective signifies that you accept the revised Privacy Policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy, or if you wish to exercise any data-related rights, please contact us:

Rae Collective LLC

Email: help@rae.chat

We will do our best to respond to your inquiry promptly and address any concerns you may have.